Information on the protection of personal data
Amami Viaggi di Marco and Michele Gasparro S.n.c., as owner of this site and as owner of the processing of personal data, in accordance with the provisions of art. 13 of EU Regulation 2016/679 (GDPR), wishes to provide some information about the processing of personal data communicated by the user to the website www.amami.it, as well as about the rights granted to the user regarding the protection of personal data.
In this information, the terms “AV” will be used, in order to indicate Amami Viaggi, and “User”, in order to indicate the travelers as well as the owners, tenants and managers of the accommodation facilities who access and use the software, tools and services provided. through the website www.amami.it, hereinafter referred to as the “Site”.
The information is valid for any type of information that is collected through the AV platform or through other means connected to the platform itself (for example, e-mails for booking).
The Site may contain links to third-party websites, or to the General Conditions and Information on the protection of privacy of third parties that provide services on the Site: AV is not responsible for the methods of protecting personal data adopted by such websites or for the content of the same and, therefore, invites the User to read these documents carefully before accepting the conditions or using them.
If you do not accept, in whole or in part, the terms of this document, the User is invited to stop browsing the website www.amami.it.
Furthermore, the User is advised that this information, and therefore the rules governing the area of Privacy, may be subject to changes and / or updates in order to reflect regulatory needs, technological developments, site updates and changes in the methods of collection. , use and disclosure of data. In any case, the User will be promptly informed about any updates before the new activities begin.
Browsing and use of the Site are reserved only for Users of age.
2. Holder of the treatment of personal data
Amami Viaggi by Marco and Michele Gasparro S.n.c. is a partnership subject to the laws of Italy, with registered office in Salerno (Italy), Via Fuorni 11, 84131. Website: www.amami.it; e-mail: email@example.com.
Amami Viaggi is the Data Controller of personal data pursuant to this Notice.
Personal data are processed at the operational headquarters of AV, located at the following address: Via Toscana n. 12, 84098 – Pontecagnano Faiano (SA), Italy.
To exercise the rights provided by law, the User can contact Amami Viaggi at the above address.
3. Type of personal data and information collected
Is navigation on the site? free and personal data will be collected only in the event that a reservation is made, or when the registration is completed to request information or to access the functions reserved for registered users.
The personal data that are requested, in order to use the services and functions provided by AV, include information suitable for identifying the User, including the name and surname, telephone numbers, fax number, postal addresses and e -mail, credit card information, the names of any other people traveling with the customer and specific preferences, such as mobility restrictions.
For example, in order for a traveler to send a request for information or send a booking request to AV, it will be necessary to know all or some of the following data: the name and surname of the User, the age and date of birth, the ” address and city of residence, telephone number, profession, passport or identity card data, domicile, e-mail address, current position, bank details necessary for processing of payments, such as bank account details, and other payment and billing details.
If the User, on the other hand, assumes the role of owner and intends to enter into “business to business” (b2b) and “business to consumer” (b2c) contracts through direct contact with AV or registration on this Site, it may be necessary to collect data personal data suitable for your identification, such as name and surname, address and city of residence, telephone number and e-mail address.
Then, further hypotheses may occur in which information and personal data will be collected.
For example, while browsing the AV website, data relating to your computer, telephone or other access device will be collected, which include the IP address, date and time of access to the service, hardware, software or the browser used, information on the computer’s operating system and language settings.
AV may collect and process information on the user’s geographical location, including GPS signals sent from a mobile device, or data relating to IP addresses.
When the User uses social features on the Site, the manager of them will send data to AV on the basis of their information.
We also remind you that when information is shared on the Site, it may be indexable by search engines, including Google.
The collection of information can also take place through cookies or similar technologies, as specified in the specific information on the Site.
AV also allows the publication of reviews by Users regarding the structures in which they have stayed. In this case, by completing a review, the User consents to the public display of his username or any avatar chosen on the Site.
Data concerning the health of the interested party, recognized as sensitive personal data pursuant to art. 9, par. 1, of EU Regulation 2016/679, are not processed by AV, except in the case where the User expressly communicates them and requests to use such data. Such data will never be made the subject of automatic decision-making processes or profiling, and will in any case be processed only in order to provide a better service to the User (by way of example, information about the facilities suitable for welcoming disabled people).
4. Methods of use of personal data and purpose of processing
The communication of personal data to AV is on a voluntary basis. However, depending on the type of service chosen, it can only be provided if certain personal data are collected.
Thus, depending on the cases and the services requested and offered, the User’s data can be used for the following purposes:
a) To provide the User with the services requested by the latter or to support his request;
b) To provide information about the services provided by AV to the User, where requested by the latter through the Website, email addresses and telephone numbers, and therefore in response to a request from the interested party;
c) To contact the User in order to communicate relevant updates, changes in performance or any cancellations;
d) For the management of the booking made by the traveler on the AV site or through the portals affiliated with AV. In this case, the traveller’s data will be processed to process the booking itself, for the management of the service purchased, for the fulfillment of the obligations deriving from the travel contract and for all other purposes related to the management of the individual service. The data will also be transmitted to the owners of the individual services purchased;
e) To connect owners and travelers in order to manage and complete the booking. For example, the transfer to the traveler of the data concerning the owner, upon explicit request, or the transfer to the owner of the structure of the data concerning the traveler who made the booking;
f) For marketing, marketing, direct sales, archiving and collection purposes, as well as for sending the newsletter and other information and advertising material, with explicit consent, in the event that the User, as owner, sign b2b and b2c contracts.
In fact, if the owner stipulates a b2b contract with AV, meaning the e-commerce contract between companies, in the two variants “on request” and “instant booking”, your personal data will be necessary for marketing, marketing and sales purposes. direct stay at the facility, through the AV site and the portals affiliated with AV (Booking, Expedia, Travel Agencies, Tour operators etc.).
In the case of a b2c contract, i.e. an electronic commerce contract between businesses and consumers, however, it will be necessary to collect the owner’s personal data, in order to use the services offered by the AV site, such as the promotion and sale of the stay at the structure by inserting it on the AV website.
In both cases, consent to the processing of personal data and? optional, but its lack determines the impossibility? to register on the site and to use the services provided by AV.
g) To receive payments made by the User in relation to the services requested: the information provided by the User relating to credit / debit card data, current account or other payment data to receive payments and any deposits, will be processed and used to carry out accounting and billing requirements;
h) To carry out accounting-financial, administrative, legal and tax obligations and for communications to the competent Authorities;
i) To provide personalized content, services and advertising, with the express consent of the User which can be withdrawn at any time. In this case, some personal data of the User, i.e. name, surname, contact details, email and telephone numbers, date of birth, city or region of residence, could be used to provide information on the activities carried out and on the organization of services offered by AV through newsletters or emails. In the case of subscription to the newsletter, the e-mail address provided will be used for sending news, information, advertising material, special offers, marketing and promotional campaigns etc.
j) To compare the accuracy of the information and verify it with third parties;
k) To identify, investigate and prevent activities that may be potentially illegal, illicit or harmful and to enforce the information on the protection of personal data.
For the purposes referred to in letters a), b), c), d), e) it is not? the consent of the interested party is required for the processing of personal data, as and to the extent that these treatments represent a necessary requirement for the establishment and execution of the contractual relationship and the consequent obligations, rights and obligations of the law. In this case, the communication of the data and? mandatory and failure to provide it will make it impossible to establish and execute the contractual relationship.
The consent of the interested party is, however, required for the purposes referred to in letter i) and is optional. Failure to authorize the processing of personal data for promotional campaigns and for advertising and marketing initiatives will, in fact, make it impossible? to provide the information.
Where the legal basis of the processing is consent, the processing, then, can only be carried out if the interested party is at least 16 years of age, as for minors under the age of 16 and? consent must be given by the holder of parental responsibility.
5. Sharing of personal data
For the purposes described in this Notice, the User’s personal data may be disclosed to the following third parties and categories of recipients, depending on the case and the services requested and offered:
– In the case of simple information requested by the User through the website of the Owner, letter, email, telephone and communications for information and promotional purposes, the data may be shared with the technicians and IT companies that take care of the website and the IT network and with Cloud suppliers;
– In the event of the establishment of the contractual relationship aimed at providing the services provided by AV, whether the User assumes the role of traveler and intends to book a facility, or as an owner, the data may be disclosed to:
– Owners of the structures: in the case of booking a structure on the Site or through one of the portals affiliated with AV, the traveller’s personal data, i.e. the personal data of the same, will be transferred to the owner of the chosen structure, in order to complete the booking . Furthermore, if the traveler makes a complaint, by e-mail or by telephone, and with explicit consent, his complaint and his name could be shared with the owner of the structure;
– IT companies responsible for maintaining the Site and the AV IT network;
– The Cloud provider: E-star group s.c. a.r.l., located in V. Caprera, 19 – 07039 Valledoria (SS), Italy;
– Other companies, in order to promote all or part of the advertisements relating to the properties of the owners or to offer promotional services and other services. This could include the promotion of the advertisement and photographs of the property on other websites;
– Accountants, administrative and legal consultants, where necessary;
– Payment service providers and other financial institutions: if the traveler or the holder of the credit card used for the reservation requests, for example, a cancellation, some information about the reservation itself will need to be shared with the payment service provider and the specific institution financial, in order to manage the reversal.
– Competent authorities and law enforcement agencies, if this is required by law or if it is absolutely necessary for the detection, prevention or carrying out of legal proceedings against fraud or crimes;
– Applicable tax authorities or other authorities authorized to collect taxes, where necessary, to pay taxes by or on behalf of travelers or owners to the tax authorities, in order to comply with any valid request.
In such circumstances, AV could, therefore, establish contractual measures to ensure that data protection is in line with Italian and EU legislation on the matter. The User may at any time request to view and extract a copy of the aforementioned contractual agreements, by sending an email or by sending a written communication to AV, in the manner indicated below.
6. Retention of personal data
The personal data provided by the User are physically located on the servers of Aruba s.p.a., the AV service provider that manages the SQL database in which the data is saved.
The Datacenter of Aruba s.p.a. And? located in Via San Clemente n. 53, 24036, Ponte San Pietro (BG), Italy.
Between AV and E-star group, cloud provider, and? was an agreement entered into in which and? guaranteed that the information is adequately protected on the Aruba s.p.a. server and remain the property of AV.
AV will keep the data for as long as necessary to provide the services that have been requested by the User and for other essential purposes, described above, i.e. the fulfillment of contractual obligations, administrative, legal, tax obligations, compliance with applicable legislation, the defense of legitimate rights and interests, the resolution of any disputes and in application of what is required and permitted by the applicable legislation.
The processing of data for the aforementioned purposes will take place mainly using automated methods, always in compliance with the confidentiality and security rules provided for by law.
The personal data used by AV for the automated sending of the institutional newsletter and for marketing purposes will be kept until the User notifies AV in writing that he no longer wishes to receive this information.
If you have any questions about this information, the data retention criteria, the practices of this Site or the operations carried out within it, Users are invited to contact AV at the following e-mail address: firstname.lastname@example.org.
7. Protection of personal data
Although no computer system is able to guarantee absolute security, AV uses security measures aimed at safeguarding the personal data provided by the User, in order to prevent unauthorized access and improper use of the personal data contained in its database. , as well as the accidental loss, destruction and damage of the same. Only authorized personnel, such as managers, employees or collaborators, can access personal data while carrying out their work.
Nevertheless, the User has the sole responsibility of:
– Prevent unauthorized access to your account. For example, if the User’s e-mail account is used improperly by third parties and, therefore, violated, this could allow access to the account that the User has with AV, if access has been granted through this account. Therefore, if the User believes that one of his accounts has been hacked, he must change the credentials of his AV account and make sure that any personal account that has been compromised does not allow access to his account opened at AV;
– Prevent other people from using the Site with their own account;
– Disconnect or exit your private area when you no longer use the Site;
– If necessary, keep the password or other information for accessing your private area secret;
– Maintain a good level of internet security and avoid security threats.
If the User deems his reserved area to be compromised, he must promptly notify AV, so as to allow the adoption of protection measures for the reserved area and the Site and any alerts from potentially involved parties.
8. Management of the personal data of minors
The processing of personal data can only be carried out if the interested party is at least 16 years old, the age at which consent can be validly given. For children and teenagers under 16 years of age and? consent must be authorized or given by parents or legal guardian.
9. Rights of the interested party
At any time, the User has the right to exercise the rights referred to in articles 15,16,17,18,19,20,21 of EU Regulation 2016/679 (GDPR) including the right of access, rectification, cancellation of your data, limitation to processing, to obtain that your data be transmitted directly to another Data Controller and to oppose the processing of data concerning him at any time.
Specifically, the interested party has the right to:
– Request from the Data Controller how to use their personal data and the purposes for which they are processed;
– Request access to the personal data held by the Data Controller, receiving a copy of the same;
– Request the names of the recipients to whom such data have been or will be communicated;
– Request the data retention period or the criteria for determining this period;
– Request data portability, i.e. the transferability of data in a format that can be used electronically by the interested party or by third parties;
– Propose a complaint to a supervisory authority;
– Request the updating, rectification or integration of their personal data, including by providing a supplementary declaration, in order to correct inaccurate or incomplete information;
– Request the transformation into anonymous form of the data or oppose the processing of the same, except in cases in which the processing of the data constitutes a legal or contractual obligation or requirement necessary for the conclusion or execution of a contract and the consequent obligations, legal, contractual, administrative, fiscal and other rights and obligations, as required by law;
– Request the cancellation of personal data, if they are no longer necessary for the purposes for which they were processed or collected;
– Request that the rectification or cancellation operations be communicated to those who have communicated or disseminated the data, except in the case in which this fulfillment proves impossible and involves the use of means manifestly disproportionate to the protected right;
– Obtain the limitation of the processing of their personal data, if they are inaccurate or are necessary for the assessment, exercise and defense of a right in court;
– Object at any time to the processing of personal data carried out for marketing purposes, including profiling to the extent that it is connected to such direct marketing;
– In cases where the processing is based on consent, at any time revoke the consent to the processing previously given, for example to the receipt of promotional and information communications (which are not necessary for the establishment of a contractual relationship or its execution) and to the processing of data through automated decision-making processes. In this case, following the revocation of the consent, the personal data of the interested party will no longer be processed for the purposes subject to legitimate revocation, except by virtue of another legitimate legal basis and purpose.
The interested party who wishes to exercise one of these rights, may send an email to email@example.com, or send other written communication with acknowledgment of receipt at the operational headquarters of the Data Controller located in Via Toscana n.12, 84098 , Pontecagnano Faiano (SA), Italy.
In order to verify that the information is not disclosed to people other than the interested party (or to a person exercising parental responsibility in the case of minors under the age of 16), specific information may be requested to be able to confirm the identity of the applicant and the right to access the requested information or to exercise any of the aforementioned rights.
2. How are cookies used?
1. What are cookies?
A cookie is a small piece of data that is stored in the file directory of the user’s computer or mobile device by the websites that the same is using.
Thanks to cookies, the site remembers the actions and preferences of the User, so that the same does not have to re-enter them later. Cookies do not contain viruses. No one else can read the cookies other than the Amami Viaggi company.
In fact, AV cookies are called “proprietary cookies”, ie they are attributable to the operator who is currently managing the site that released the cookie. There is also a further difference between “session cookies” and “persistent cookies”: the former have a limited duration and are deleted when the browser is closed, while the latter, the so-called persistent cookies, have a longer duration and are not automatically deleted when the browser is closed.
Cookies are used in various ways and for different purposes.
The types of information that Amami Viaggi collects through cookies include:
– the IP address;
– Device ID;
– pages visited;
– type of browser;
– navigation data;
– operating system;
– internet service provider;
– referral URL;
– functions used and activities carried out within the Site.
More precisely, Amami Viaggi uses so-called “technical cookies”, in order to improve the functioning of the Site, “functional cookies”, in order to remember the User’s preferences (by way of example, the language and the searches carried out previously), “analytical cookies”, necessary to optimize and improve the functioning of the site and to verify the effectiveness of marketing. In the latter case, the data collected through cookies includes the web pages visited, the exit and entry pages, the type of platform, information on the time and date of access, the words searched and the texts entered in the various fields.
It is not necessary to enable cookies for the Site to work, but doing so improves navigation.
In any case, it is possible to delete or block cookies, but in this case some services and functions of the Site may not work properly.
The navigation data always remain under the control of AV, which uses them exclusively for the purposes described above.
3. Third party cookies
By way of example, the cookies used to collect information for statistical and content personalization purposes could be identified as “third-party cookies”.
Most browsers allow you to change settings so that these cookies are not accepted.
4. How to control cookies?
The User can manage or delete cookies in the manner described on allaboutcookies.org.
and through the help section of your browser. Among the browser settings such as Internet Explorer, Safari, Firefox or Chrome, the User can delete the cookies already present on their PC or set the browser to prevent their installation.
It should be noted that this information may be changed in the future, therefore users are invited to visit the page regularly for all updates.